<?php

/**
 * OAuth操作
 * 
 * @author ShuangYa
 * @package EUser
 * @category Service
 * @link http://www.sylingd.com/
 * @copyright Copyright (c) 2015 ShuangYa
 * @license http://lab.sylingd.com/go.php?name=euser&type=license
 */

namespace euser\service;
use \sy\lib\YSecurity;
use \sy\lib\db\YMongoDB;

class Oauth {
	protected static $_instance = NULL;
	public static function i() {
		if (self::$_instance === NULL) {
			self::$_instance = new self;
		}
		return self::$_instance;
	}
	public function __construct() {
		
	}
	/**
	 * 获取Client信息
	 * @access public
	 * @param int $id
	 * @return string
	 */
	public function getClient($id) {
		$id = YMongoDB::MongoID($id);
		if ($id === FALSE) {
			throw new \Exception('invalid id');
		}
		$r = YMongoDB::i()->select('OAuthApp')->getOne(['_id' => $id]);
		return $r;
	}
	/**
	 * 获取用户对某个应用的授权
	 * @access public
	 * @param string $user 用户ID
	 * @param string $client 客户端ID
	 * @return boolean/array
	 */
	public function getUserAuth($user, $client) {
		if (($user = YMongoDB::MongoID($user)) === FALSE) {
			throw new SYException('invalid user id');
		}
		if (($client = YMongoDB::MongoID($client)) === FALSE) {
			throw new SYException('invalid client id');
		}
		$r = YMongoDB::i()->select('OAuthToken')->getOne(['client' => $client, 'user' => $user]);
		if ($r === NULL) {
			return FALSE;
		} else {
			return $r;
		}
	}
	/**
	 * 生成一个AuthorizeCode
	 * @access public
	 * @param string $id 用户ID
	 * @param string $client ClientKey
	 * @param string $scope 授权范围
	 * @param string $redirect_uri redirect_uri
	 * @return string
	 */
	public function createAuthorizeCode($id, $client, $scope, $redirect_uri) {
		$AuthorizeCode = [
			'user' => $id,
			'expire' => $_SERVER['REQUEST_TIME'] + 600,
			'client' => $client,
			'scope' => $scope,
			'redirect_uri' => $redirect_uri
		];
		$r = YMongoDB::i()->select('OAuthAuthorizeCode')->insert($AuthorizeCode);
		return $r[0];
	}
	/**
	 * 获取一个AuthorizeCode
	 * @access public
	 * @param string $code
	 */
	public function getAuthorizeCode($code) {
		return YMongoDB::i()->select('OAuthAuthorizeCode')->getOne(['_id' => YMongoDB::MongoID($code)]);
	}
	/**
	 * 移除一个AuthorizeCode
	 * @access public
	 * @param string $code
	 */
	public function removeAuthorizeCode($code) {
		return YMongoDB::i()->select('OAuthAuthorizeCode')->delete(['_id' => YMongoDB::MongoID($code)]);
	}
	/**
	 * 获取一个AccessToken
	 * @access public
	 * @param string $id 用户ID
	 * @param string $client ClientKey
	 * @param string $scope 授权范围
	 * @return string
	 */
	public function createAccessToken($id, $client, $scope) {
		$AccessToken = [
			'client' => $client,
			'user' => $id,
			'scope' => $scope,
			'create' => $_SERVER['REQUEST_TIME'],
			'expire' => $_SERVER['REQUEST_TIME'] + 2592000 //默认失效时间为2592000秒，即30天
		];
		$r = YMongoDB::i()->select('OAuthToken')->insert($AccessToken);
		return $r[0];
	}
	/**
	 * 获取一个AccessToken
	 * @access public
	 * @param string $token
	 */
	public function getAccessToken($token) {
		return YMongoDB::i()->select('OAuthToken')->getOne(['_id' => YMongoDB::MongoID($token)]);
	}
	/**
	 * 移除一个AccessToken
	 * @access public
	 * @param string $token
	 */
	public function removeAccessToken($token) {
		return YMongoDB::i()->select('OAuthToken')->delete(['_id' => YMongoDB::MongoID($token)]);
	}
	/**
	 * 获取scope描述
	 * @access public
	 * @param string $name
	 * @return string
	 */
	public function getScopeDescription($name) {
		$scope = [
			'base' => '获取基本信息（用户名、头像等）'
		];
		return $scope[$name];
	}
}